HELP: Authentication code

PLEASE HELP....

I'm having trouble. In my login form after I've verified the
username/password are valid I do this:
    Select Case iMyPrivilege
        Case 0
            Dim arrRoles() As String = {"guest"}
            Context.User = New System.Security.Principal.GenericPrincipal(User.Identity, arrRoles)
        Case 1
            Dim arrRoles() As String = {"guest", "user"}
            Context.User = New System.Security.Principal.GenericPrincipal(User.Identity, arrRoles)
        Case 2
            Dim arrRoles() As String = {"guest", "user", "admin"}
            Context.User = New System.Security.Principal.GenericPrincipal(User.Identity, arrRoles)
    End Select

In my Global.asax.vb I have this code:
    Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs)
        ' Fires upon attempting to authenticate the user
        If Request.IsAuthenticated Then
            If Context.User.IsInRole("guest") Then
                Response.Write("GUEST: " & Context.User.Identity.Name)
            ElseIf Context.User.IsInRole("user") Then
                Response.Write("USER: " & Context.User.Identity.Name)
            ElseIf Context.User.IsInRole("admin") Then
                Response.Write("ADMIN: " & Context.User.Identity.Name)
            Else
                Response.Write("????: " & Context.User.Identity.Name)
            End If
        End If
    End Sub

PROBLEM 1: In Application_AuthenticateRequest the If statement for
"IsInRole" ALWAYS drops to the Else, like it doesn't recognize what I filled
in for form login. Any ideas?

PROBLEM 2: In my Login code I actually had "Context.User =" line outside
the case statement but it kept saying "Name 'arrRoles' is not declared."
even though I did declare it in the case statement. Any ideas?

Thanks!
Nov 17 '05 #1
"VB Programmer" <gr*********@go-intech.com> wrote in message
news:uZ**************@TK2MSFTNGP09.phx.gbl...
> PLEASE HELP....
>
> ...
> PROBLEM 1: In Application_AuthenticateRequest the If statement for
> "IsInRole" ALWAYS drops to the Else, like it doesn't recognize what I filled in for form login. Any ideas?

Remember that HTTP is stateless, and so is ASP.NET. By the time you get to
Application_AuthenticateRequest, everything you ever did in Login is gone.
You need to persist it, probably in the Forms Authentication ticket. See my
response to your earlier post, "Question: COntext.User.IsInRole".

> PROBLEM 2: In my Login code I actually had "Context.User =" line outside
> the case statement but it kept saying "Name 'arrRoles' is not declared."
> even though I did declare it in the case statement. Any ideas?

It looks like the case clauses each introduce a new scope. Did you notice
that you were able to declare the same name three times? When that case
clause is done, the scope is gone, and so are any variables declared in that
scope. Declare your array before the "Select" and just set it in each Case
clause.
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
Nov 17 '05 #2
To use forms authentication...

1. Modify <Web.config>
Turn on forms authentication...

    <authentication mode="Forms">
        <forms name=".ASPXAUTH" loginUrl="Login.aspx" />
    </authentication>
    <authorization>
        <deny users="?" />
    </authorization>

Before the end of the file, add the section for the Secured dir....

    <location path="Secured">
        <system.web>
            <authorization>
                <allow roles="admin"/>
                <deny users="*" />
            </authorization>
        </system.web>
    </location>

2. Login.aspx
After user is verified (in db, xml, etc...) add this:

    System.Web.Security.FormsAuthentication.RedirectFromLoginPage(txtUserName.Text.Trim, True)

3. Global.asax.vb
First add imports statement "Imports System.Security.Principal"

Then...

    Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs)
        ' Fires upon attempting to authenticate the user
        If Request.IsAuthenticated Then
            ' Get the user's role (the Sql* types need Imports System.Data.SqlClient)
            Dim cnnMyConnection As SqlConnection = New SqlConnection(ConfigurationSettings.AppSettings("MyDsnString"))
            Dim cmdMyCmd As SqlCommand = New SqlCommand("SELECT blah FROM blah WHERE blah", cnnMyConnection)
            Dim drUsers As SqlDataReader

            cnnMyConnection.Open()
            drUsers = cmdMyCmd.ExecuteReader

            While drUsers.Read
                Select Case drUsers.GetValue(1)
                    Case 0 ' guest (read only)
                        Dim arrRoles() As String = {"guest"}
                        Context.User = New System.Security.Principal.GenericPrincipal(User.Identity, arrRoles)
                    Case 1 ' user (start/stop engines)
                        Dim arrRoles() As String = {"guest", "user"}
                        Context.User = New System.Security.Principal.GenericPrincipal(User.Identity, arrRoles)
                    Case 2 ' admin (everything)
                        Dim arrRoles() As String = {"guest", "user", "admin"}
                        Context.User = New System.Security.Principal.GenericPrincipal(User.Identity, arrRoles)
                End Select
            End While

            cnnMyConnection.Close()

            'If Context.User.IsInRole("guest") Then Response.Write("GUEST " & Context.User.Identity.Name)
        End If
    End Sub
Nov 17 '05 #3
"VB Programmer" <gr*********@go-intech.com> wrote in message
news:eO****************@TK2MSFTNGP10.phx.gbl...
> To use forms authentication...
> ...
> 3. Global.asax.vb
> First add imports statement "Imports System.Security.Principal"

Your code will work fine, and will run on every request made to a page in
your web application. That's a lot of database work.

I suggest you put the database code into Login, save the resultant roles in
the UserData of the Forms Authentication Ticket, and retrieve them in
Application_AuthenticateRequest.
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
Nov 17 '05 #4
Should I put that code in my login form or global.asax.vb?
Nov 17 '05 #5
Cool. That's basically what I did.

1. What defines where the custom cookie is stored? I used to see the
default cookie in "C:\Documents and Settings\Administrator\Cookies", but now
I can't find my custom cookie?

2. How do I retrieve the roles that are stored in UserData (ticket)?

3. What is a common reason why you would access this in
Application_AuthenticateRequest? This seems to work with no code in
Application_AuthenticateRequest.

You're a great resource! Thanks.
Nov 17 '05 #6
Please answer #1 and #2.

Ignore #3: I figured out that this is where you need to set up the new
GenericPrincipal BASED on the role that is stored in the UserData (in the
cookie).... I think. ;)
Nov 17 '05 #7
"VB Programmer" <gr*********@go-intech.com> wrote in message
news:uA**************@TK2MSFTNGP12.phx.gbl...
> Cool. That's basically what I did.
>
> 1. What defines where the custom cookie is stored? I used to see the
> default cookie in "C:\Documents and Settings\Administrator\Cookies", but now I can't find my custom cookie?

If you don't set an expiration date on a cookie, it will be a "session
cookie", which I don't believe is stored on disk. Session cookies are a Good
Thing, as browsers are more likely to be set to accept them than permanent
cookies.

> 2. How do I retrieve the roles that are stored in UserData (ticket)?

By doing the opposite of what you did to put them there. :-)

For instance, if your database code in login produced an array of roles, you
might use:

    string[] roles = GetRolesForUser(userName);
    string userData = String.Join(",", roles);
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1,
        userName,
        System.DateTime.Now,
        System.DateTime.Now.AddMinutes(30),
        isPersistent,
        userData,
        FormsAuthentication.FormsCookiePath);

    // Encrypt the ticket.
    string encTicket = FormsAuthentication.Encrypt(ticket);

    // Create the cookie.
    Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));

    // Redirect back to original URL.
    Response.Redirect(FormsAuthentication.GetRedirectUrl(userName, isPersistent));

Well, in this case you'll want to do the following in
Application_AuthenticateRequest:

    FormsIdentity fi = User.Identity as FormsIdentity;
    if (fi == null) return; // don't know how _that_ happened!
    FormsAuthenticationTicket ticket = fi.Ticket;
    string userData = ticket.UserData;
    string[] roles = userData.Split(',');
    // The principal is set on the HttpContext; HttpRequest has no User property.
    Context.User = new GenericPrincipal(fi, roles);

> 3. What is a common reason why you would access this in
> Application_AuthenticateRequest? This seems to work with no code in
> Application_AuthenticateRequest.

But it's not working. If you put the user in a role right now, is he still
in the same role on all subsequent requests? I doubt it. You need to set the
Principal on each request - remember we're talking "stateless".
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com

> You're a great resource! Thanks.

You're welcome.

--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
Nov 17 '05 #8
John, it works like a champ. Thanks for ALL of your help! ;)

FYI, this is what I changed...

(1) In my login page it calls...
    Public Sub RedirectFromLoginPage(ByVal strUserName As String, ByVal strUserData As String, ByVal strDefaultRedirectUrl As String)
        Dim ctxMyContext As HttpContext = HttpContext.Current
        ' 30-minute, non-persistent ticket carrying the role name in UserData
        Dim fatTicket As New FormsAuthenticationTicket( _
            1, txtUserName.Text.ToUpper.Trim, DateTime.Now, _
            DateTime.Now.AddMinutes(30), False, strUserData)
        Dim strCookieValue As String = FormsAuthentication.Encrypt(fatTicket)
        Dim cookieMyCookie As HttpCookie = New HttpCookie(FormsAuthentication.FormsCookieName)
        Dim strReturnUrl As String

        With cookieMyCookie
            .Path = FormsAuthentication.FormsCookiePath
            .Value = strCookieValue
            .Expires = DateTime.Now.AddMinutes(30)
        End With
        ctxMyContext.Response.Cookies.Add(cookieMyCookie)

        ' Go back to the page that triggered the login, or to the default page
        If ctxMyContext.Request.QueryString("ReturnUrl") Is Nothing Then
            strReturnUrl = strDefaultRedirectUrl
        Else
            strReturnUrl = ctxMyContext.Request.QueryString("ReturnUrl")
        End If

        ctxMyContext.Response.Redirect(strReturnUrl)
    End Sub

(2)

    Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs)
        ' Fires upon attempting to authenticate the user
        If Request.IsAuthenticated Then
            Dim fiIndentity As FormsIdentity = CType(User.Identity, FormsIdentity)
            If fiIndentity Is Nothing Then Exit Sub

            ' The role name stored at login comes back out of the ticket
            Dim fatTicket As Security.FormsAuthenticationTicket = fiIndentity.Ticket
            Dim strUserData As String = fatTicket.UserData

            Select Case strUserData
                Case "guest"
                    Dim arrRoles() As String = {"guest"}
                    Context.User = New System.Security.Principal.GenericPrincipal(fiIndentity, arrRoles)
                Case "user"
                    Dim arrRoles() As String = {"guest", "user"}
                    Context.User = New System.Security.Principal.GenericPrincipal(fiIndentity, arrRoles)
                Case "admin"
                    Dim arrRoles() As String = {"guest", "user", "admin"}
                    Context.User = New System.Security.Principal.GenericPrincipal(fiIndentity, arrRoles)
            End Select
        End If
    End Sub
Nov 17 '05 #9
This looks good, but one thing was lost in the translation. CType doesn't do
the same thing as the "as" operator does in C#.

"object as Type" will return null (Nothing) if object cannot be cast to
Type, otherwise it will do the cast and return the result. On the other
hand, if somehow User.Identity were not a FormsIdentity, CType would throw
an exception.

--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
Nov 17 '05 #10
The reason I changed it from...
    Dim fiIndentity As FormsIdentity = User.Identity
to...
    Dim fiIndentity As FormsIdentity = CType(User.Identity, FormsIdentity)
...was that I got a squiggly under User.Identity stating "Option Strict On
disallows implicit conversions from 'System.Security.Principal.IIdentity' to
'System.Web.Security.FormsIdentity.'" Should I do it an alternate way?
Nov 17 '05 #11
"VB Programmer" <gr*********@go-intech.com> wrote in message
news:Ol**************@tk2msftngp13.phx.gbl...
> The reason I changed it from...
> Dim fiIndentity As FormsIdentity = User.Identity
> to...
> Dim fiIndentity As FormsIdentity = CType(User.Identity, FormsIdentity)
> ...was that I got a squiggly under User.Identity stating "Option Strict On
> disallows implicit conversions from 'System.Security.Principal.IIdentity' to 'System.Web.Security.FormsIdentity.'" Should I do it an alternate way?


No, but you should first check to make sure it's a FormsIdentity - and I
can't remember right now how VB.NET does that!
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com

Nov 17 '05 #12
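
Added example, not part of the thread and not either poster's code: the round trip the thread arrives at (roles written into the ticket's UserData at login, principal rebuilt on every request), with the type check asked about in the last reply done via TryCast and the ReturnUrl restricted to local paths. It assumes VB 2005 / .NET 2.0 or later (TryCast, HttpCookie.HttpOnly, StringSplitOptions); the names RoleTicket, IssueRoleTicket, IsLocalUrl and RestoreRoles are hypothetical.

```vb
Imports System
Imports System.Security.Principal
Imports System.Web
Imports System.Web.Security

' Added example: hypothetical helper module, not code from the thread.
Public Module RoleTicket

    ' Login side. Call once, after the username/password have been verified
    ' and the roles have been looked up. Role names must not contain commas.
    Public Sub IssueRoleTicket(ByVal userName As String, ByVal roles() As String, _
                               ByVal defaultUrl As String)
        Dim ctx As HttpContext = HttpContext.Current

        ' Non-persistent 30-minute ticket; the roles travel in UserData.
        Dim ticket As New FormsAuthenticationTicket( _
            1, userName, DateTime.Now, DateTime.Now.AddMinutes(30), _
            False, String.Join(",", roles), FormsAuthentication.FormsCookiePath)

        Dim cookie As New HttpCookie(FormsAuthentication.FormsCookieName, _
                                     FormsAuthentication.Encrypt(ticket))
        cookie.Path = FormsAuthentication.FormsCookiePath
        cookie.HttpOnly = True
        cookie.Secure = FormsAuthentication.RequireSSL
        ' No Expires is set, so the browser keeps this as a session cookie,
        ' matching isPersistent = False in the ticket.
        ctx.Response.Cookies.Add(cookie)

        ' ReturnUrl comes from the query string, so only follow it when it
        ' points back into this site.
        Dim returnUrl As String = ctx.Request.QueryString("ReturnUrl")
        If Not IsLocalUrl(returnUrl) Then returnUrl = defaultUrl
        ctx.Response.Redirect(returnUrl)
    End Sub

    ' True only for site-relative paths such as "/Secured/Default.aspx".
    ' Rejects absolute URLs and the "//host" and "/\host" forms.
    Public Function IsLocalUrl(ByVal url As String) As Boolean
        If String.IsNullOrEmpty(url) Then Return False
        Return url.StartsWith("/", StringComparison.Ordinal) AndAlso _
               Not url.StartsWith("//", StringComparison.Ordinal) AndAlso _
               Not url.StartsWith("/\", StringComparison.Ordinal)
    End Function

    ' Request side. In Global.asax.vb:
    '   Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs)
    '       If Request.IsAuthenticated Then RoleTicket.RestoreRoles(Context)
    '   End Sub
    Public Sub RestoreRoles(ByVal ctx As HttpContext)
        If ctx.User Is Nothing Then Return

        ' TryCast yields Nothing instead of throwing when the identity is not
        ' a FormsIdentity (the behaviour of "as" in C#).
        Dim fi As FormsIdentity = TryCast(ctx.User.Identity, FormsIdentity)
        If fi Is Nothing Then Return

        Dim data As String = fi.Ticket.UserData
        If data Is Nothing Then data = String.Empty

        ' An empty UserData gives an empty role list, so IsInRole is False
        ' for every role rather than raising an error.
        Dim roles() As String = data.Split( _
            New Char() {","c}, StringSplitOptions.RemoveEmptyEntries)
        ctx.User = New GenericPrincipal(fi, roles)
    End Sub

End Module
```

The roles read back from UserData are only as trustworthy as the ticket, which is encrypted and validated under the default protection="All" setting of the forms element. A role change in the database does not reach the user until a new ticket is issued.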
